Systems Analyst - Information Management & Technology
About The Position
Nova Scotia Health is the largest provider of health services in Nova Scotia, with some specialized services also offered to clients throughout Atlantic Canada. We’re on a mission to achieve excellence in health, healing, and learning through working together, which is reflected in the hospitals, health centres, and community-based programs we operate across the province. Our passionate team of professionals provides a variety of high-quality inpatient and outpatient services including academic, tertiary, and quaternary care, as well as continuing care, primary health care, public health, and mental health and addictions. Join a diverse team of innovators, collaborators, and creative thinkers today.Nova Scotia Health employs professionals in all corners of our beautiful province. We believe there's a place here for everyone to call home, from vibrant cities with exuberant nightlife to quaint towns with picturesque trails. The work-life balance that comes with a Nova Scotia Health role means you'll have the time to explore, discover, and participate in that coveted Atlantic lifestyle. Visit us today and check out www.novascotia.com to see why more people from across the globe are moving here. The IM/IT Security and Risk Analyst (SRA), reports to an IM/IT RSC Manager and will take direction from either the IM/IT Lead or Sr. Analyst. This position is responsible for the analysis, classification, and response to cybersecurity risks within an organization. The SRA addresses cybersecurity risk and analyses the potential business and customer risk, aligning processes and controls to the relevant frameworks and internal systems. The IM/IT SRA works with their team to collaborate with key clinical and business stakeholders at NSH, IWK and DHW. This position is responsible for the requirement gathering, testing, implementation, maintenance, and support for primarily clinical information management and technology solutions and functions across NSH, IWK and its many external clients. The IM/IT SRA will be committed to a high standard of performance and will provide support across the organization to leverage IT applications aligned with NSH’s and its client’s strategic mission, vision and goals. Currently this position is a Hybrid work opportunity which can change as per organizational requirements. The IM/IT SRA performs a variety of tasks, including but not limited to: evaluation of requests for change, data retrieval; troubleshooting and assisting with the resolution of application errors and other system issues; development of materials and the communication of system changes to end users; and, building and maintaining all system configuration items in line with best practice and appropriate stakeholder approvals.
Requirements
- B.Sc. in Computer Science/Information Security/B. Business with Major in Information Technology or 4+ years equivalent experience in an Information Technology and Information Risk Management
- 1-2 years’ experience as a Security Analyst or Information Risk Analyst
- Strong applied knowledge of Security & Privacy Incident Response (NIST 800-61) & Event Management Processes
- Strong applied knowledge of Canadian Privacy Requirements (PIPEDA)
- Strong applied knowledge of Current Security Technologies and Tools
- Strong applied knowledge of Cloud Services (SaaS PaaS IaaS) as well as Microsoft Azure and Amazon AWS security practices
- Strong applied knowledge of Vulnerability Management processes, technologies and practices (NIST 800-40) and information Security Testing & Assessments (NIST 800-115)
- Strong applied knowledge of Supply Chain Risk Management (NIST 800-161)
- Strong applied knowledge of Risk Assessment methodologies and practices NIST 800-30, NIST 800-39 & ISO 31000
- Strong applied knowledge of Project Management Methodologies (Waterfall and Agile)
- Strong applied knowledge of Frameworks: NIST800-53, NIST CSF, ITIL, ISO 27001/02, MITRE ATT&CK® COBIT2019, FEDRAMP, CSA CAIQ
- Strong applied knowledge of Internal/External Audit Processes
Nice To Haves
- CISSP
- CRISC
- CISA
- CISM
- ISO 31000
- HCISPP
- ISSPM
- GIAC (GSLC)
- GIAC (GSTRT)
Responsibilities
- Analysis, classification, and response to cybersecurity risks within an organization.
- Addressing cybersecurity risk and analyzing potential business and customer risk.
- Aligning processes and controls to relevant frameworks and internal systems.
- Collaborating with key clinical and business stakeholders at NSH, IWK and DHW.
- Requirement gathering, testing, implementation, maintenance, and support for clinical information management and technology solutions and functions.
- Providing support across the organization to leverage IT applications aligned with NSH’s and its client’s strategic mission, vision and goals.
- Evaluation of requests for change.
- Data retrieval.
- Troubleshooting and assisting with the resolution of application errors and other system issues.
- Development of materials and communication of system changes to end users.
- Building and maintaining all system configuration items in line with best practice and appropriate stakeholder approvals.
Benefits
- health
- dental
- travel
- long-term disability
- life insurance coverage
- defined benefit pension plan
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
